CVE-2013-2148

2013-06-07T14:03:00
ID CVE-2013-2148
Type cve
Reporter cve@mitre.org
Modified 2014-01-04T04:46:00

Description

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.